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DETAILED ACTION 

1 . This action is issued in response to the Amendment filed on 10/1 1/2006. 

2. Claims 1 - 14 were amended. No claims were canceled. Claims 15-18 were 
added. 

3. This action is made Final. 

4. Claims 1 - 18 are pending in this application. 

5. Applicant's arguments filed on 10/1 1/2006 have been fully considered but they 
are not persuasive. 



Drawings 

6. The newly amended drawings are objected to because they do not show a 
legend for clarification of the items; and they are crossed out. 

Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in 
reply to the Office action to avoid abandonment of the application. Any amended 
replacement drawing sheet should include all of the figures appearing on the immediate 
prior version of the sheet, even if only one figure is being amended. The figure or figure 
number of an amended drawing should not be labeled as "amended." If a drawing figure 
is to be canceled, the appropriate figure must be removed from the replacement sheet, 
and where necessary, the remaining figures must be renumbered and appropriate 
changes made to the brief description of the several views of the drawings for 
consistency. Additional replacement sheets may be necessary to show the renumbering 
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of the remaining figures. Each drawing sheet submitted after the filing date of an 
application must be labeled in the top margin as either "Replacement Sheet" or "New 
Sheet" pursuant to 37 CFR 1 .121(d). If the changes are not accepted by the examiner, 
the applicant will be notified and informed of any required corrective action in the next 
Office action. The objection to the drawings will not be held in abeyance. 
Appropriate correction is required. 

Claim Objections 

7. Claims 1 5 - 1 6 are objected to because of the following informalities: 
Claims 15-16 include parenthesis in the claim language. 
Appropriate correction is required. 

Claim Rejections - 35 USC § 102 

8. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the Invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

9. Claims 1-14 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Underwood (US Parent No. 6,704,873 B1, filed July 30, 1999). 
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Regarding Claim 1 , Underwood discloses a data processing device adapted to 
be installed in a data processing server adapted to receive primary data and to transmit 
said primary data after application of dedicated processing based on primary rules by 
control means, comprising: 

a first table storing sets of at least one primary rule, called "primary metarules", in 
a parameterizable form and in corresponding relationship to primary identifiers and (Col. 
116, lines 47 - 50; ... stored parameters ... validates the user's entry by checking for 
existence on the "State Tax Table", Underwood); and 

management means adapted to be coupled to said control means and (Col. 127, lines 
58 - 64, management controllers, Underwood), on receipt of auxiliary data representing 
operating parameters delivered by said control means after reception by the server of 
secondary data (Col. 137, lines 8 — 11, Underwood 1 ), to select at least one of the 
primary identifiers in the first table (Col. 139 and 140, lines 47 - 54 and 7 - 10, ... 
retrieve a user's information from the Membership Directory...; respectively, 
Underwood) and associate said auxiliary data therewith so as to define said dedicated 
processes (Col. 139 and 140, lines 47 - 54 and 7 - 10, " ... binding to the current user's 
information in the Membership Directory and "... maps Membership groups to proxy 
Windows NT groups accounts to determine a member's security permissions ..."; 
respectively, Underwood). 



1 Wherein information such as the computer name, user name, and password correspond to the auxiliary 
data claimed. 
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Regarding Claim 2, Underwood discloses a device, further comprising a second 
table accessible to said management means in which are stored secondary identifiers 
each in corresponding relationship to at least one selected primary identifier associated 
with auxiliary data (Col. 118 and 119, lines 47 - 52 and 51 - 53; respectively, 
Underwood). 

Regarding Claim 3, Underwood discloses a device, wherein said management 
means are adapted, on receipt of said auxiliary data, to determine whether the at least 
one selected primary identifiers corresponding to the type of said auxiliary data is 
present in the secondary table (Fig. 142, Team Membership table, Col. 140, lines 28 - 
37, looks for the two cookies, Underwood), and to associate the at least one selected 
primary identifier with new auxiliary data so as to adapt said dedicated processes (Col. 
140, lines 41 - 44, if the cookies don't exist the filter then the ISAPI filter creates and 
binds to a new member in the Membership Directory, Underwood). 

Regarding Claim 4, Underwood discloses a device, wherein certain selected 
primary metarules in the second table are grouped into secondary metarules 
represented by secondary identifiers (Col. 24 and 283, lines 41 - 42 and 57 - 59, and 9 
- 14; respectively, Underwood 2 ). 



2 Wherein the generic rule set corresponds to the primary metarules claimed; and the additional access 
control rules correspond to the secondary metarules claimed. 
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Regarding Claim 5, Underwood discloses a device, wherein said management 
means comprise a multiplicity of management submodules each adapted to manage the 
association of auxiliary data with at least one primary or secondary metarule (Fig. 21 A, 
items 2102 and 2104, Col. 71 , lines 51 - 59, Underwood) and are adapted, on receipt of 
said auxiliary data, to determine which of said management submodules corresponds 
thereto (Fig. 21 A, items 2106 and 2108, Col. 71, lines 59 - 65, Underwood 3 ). 

Regarding Claim 6, Underwood discloses a device, wherein that said 
management means are adapted, on receipt of said auxiliary data communicated by the 
server, to add, delete or modify primary or secondary metarules or auxiliary data in the 
second table associated with said primary or secondary metarules (Col. 119, lines 25 - 
34,manipulate (insert, update, delete), Underwood). 

Regarding Claim 7, Underwood discloses a device, wherein that said 
management means and said tables are part of a metafirewall adapted to manage a 
firewall equipping said server (Col. 269, lines 11-14 and 25 - 28, rules as those 
governing packet filters and are based on the IP addresses and port numbers of client 
and server, Underwood). 

Regarding Claim 8, Underwood discloses a firewall comprising a device (Col. 
270, lines 63 - 67, Underwood). 

3 Wherein the step of identifying a skill set required and determining a current skill set corresponds to the 
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Regarding Claim 9, Underwood discloses a data processing method consisting in 
applying dedicated processes based on primary rules to primary data received by a 
data processing server so that the received primary data is processed before being 
transmitted by said server, comprising: 

a preliminary step in which there are stored in a first table sets of at least one 
primary rule, called "primary metarules", in a parameterizable form and in corresponding 
relationship to primary identifiers (Col. 116, lines 47-50; ... stored parameters ... 
validates the user's entry by checking for existence on the "State Tax Table", 
Underwood); and 

on receipt of auxiliary data representing operating parameters delivered by the server 
after the receipt of secondary data (Col. 137, lines 8-11, Underwood 4 ), at least one of 
the primary identifiers in the first table is selected and said auxiliary data is associated 
with said primary identifier so as to define said dedicated processes (Col. 139 and 140, 
lines 47 - 54 and 7 - 10, " ... binding to the current user's information in the 
Membership Directory and "... maps Membership groups to proxy Windows NT 
groups accounts to determine a member's security permissions ..."; respectively, 
Underwood). 

Regarding Claim 10, Underwood discloses a method, characterized in that, 
wherein during the preliminary step, secondary identifiers each in corresponding 

step of determining which management modules corresponds thereto as claimed. 
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relationship to at least one selected primary identifier associated with auxiliary data are 
stored in a second table (Col. 118 and 119, lines 47 - 52 and 51 - 53; respectively, 
Underwood). 

Regarding Claim 11, Underwood discloses a method, wherein on receipt of the 
auxiliary data, it is determined whether the at least one selected primary identifiers that 
corresponds to the type of auxiliary data is present in the second table (Fig. 142, Team 
Membership table, Col. 140, lines 28 - 37, looks for the two cookies, Underwood), and 
to associate the at least one selected primary identifier with new auxiliary data so as to 
adapt said dedicated processes (Col. 140, lines 41 - 44, if the cookies don't exist the 
filter then the ISAPI filter creates and binds to a new member in the Membership 
Directory, Underwood). 

Regarding Claim 12, Underwood discloses a method, wherein certain primary 
metarules in the second table are grouped into secondary metarules represented by 
secondary identifiers (Col. 24 and 283, lines 41 - 42 and 57 - 59, and 9-14; 
respectively, Underwood 5 ). 

Regarding Claim 13, Underwood discloses a method, wherein there are 
executed in parallel the selection of the primary or secondary metarules in the first table 

4 Wherein information such as the computer name, user name, and password correspond to the auxiliary 
data claimed. 

5 Wherein the generic rule set corresponds to the primary metarules claimed; and the additional access 
control rules correspond to the secondary metarules claimed. 
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(Col. 139, lines 57 - 62, choose the type of authentication, Underwood) and the 
modification of the auxiliary data in the second table associated with the secondary 
identifier representing the selected primary or secondary metarules (Col. 140, lines 41 - 
44, filter creates and binds to a new member, Underwood). 

Regarding Claim 14, Underwood discloses a method, wherein, on receipt of 
complementary data communicated by said server, primary or secondary metarules are 
added to, deleted from or modified in the second table (Col. 119, lines 25 - 34, 
manipulate (insert, update, delete), Underwood). 

Regarding Claim 15, Underwood discloses a network data processing device, 
comprising: 

a network data processing module (Col. 11, lines 21-31, Underwood); and 
a management module coupled to said network data processing module, said 
management module comprising a first memory containing a first table (Col. 116, lines 
47-50; ... stored parameters ... validates the user's entry by checking for existence on 
the "State Tax Table", Underwood), said first table being adapted to contain primary 
identifiers associated with at least one parameterized rule (Col. 1 1 6, lines 47 - 50; . . . 
stored parameters ... validates the user's entry by checking for existence on the "State 
Tax Table", Underwood) for providing direction to said network data processing module 
when one or more of (a) said primary identifiers and (b) said at least one parameterized 
rule are associated with at least one parameter value (Col. 139 and 140, lines 47 - 54 
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and 7 - 10, " ... binding to the current user's information in the Membership Directory 

and "... maps Membership groups to proxy Windows NT groups accounts to 
determine a member's security permissions respectively, Underwood); 

wherein said network data processing module, in response to receiving said 
direction, manages network data according to said direction (Col. 11 and 140, lines 21 - 
31 and 48 - 52; respectively, Underwood). 

Regarding Claim 16, Underwood discloses a device, said management module 
further comprising a second memory containing a second table, said second table being 
adapted to contain secondary identifiers associated with at least one of said primary 
identifiers and one or more respective parameter values (Col. 118 and 119, lines 47 - 
52 and 51 - 53; respectively, Underwood). 

Regarding Claim 17, Underwood discloses a method of processing network data, 
comprising: 

storing as entries in a first table, primary identifiers, each with one or more 
associated parameterized rules (Col. 1 1 6, lines 47 - 50; . . . stored parameters . . . 
validates the user's entry by checking for existence on the "State Tax Table", 
Underwood); 

receiving data comprising at least one parameter value (Col. 139, lines 44 - 49, 
... aggregates all of user's attributes Underwood); and 
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making a determination whether said parameter value can be associated with 
an existing one of the entries in said first table (Col. 140, lines 7-10, Underwood); 

when the determination is affirmative, making a combination of said parameter 
value and said associated parameterized rules, and communicating said combination to 
a network data processing module so as to direct said network data processing module 
(Col. 140, lines 37 - 39, Underwood). 

Regarding Claim 18, Underwood discloses a method of processing network data, 
comprising: 

storing as entries in a first table, first primary identifiers, each with one or more 
associated parameterized rules (Col. 116, lines 47 - 50; ... stored parameters ... 
validates the user's entry by checking for existence on the "State Tax Table", 
Underwood); 

storing as entries in a second table, secondary identifiers, each with one or more 
associated second primary identifiers and one or more associated parameter values 
(Col. 118 and 119, lines 47 - 52 and 51 - 53; respectively, Underwood); 

receiving data comprising at least one new parameter value (Col. 139, lines 44 - 
49, ... aggregates all of user's attributes Underwood); 

determining at least one associable second primary identifier which said new 
parameter value can be associated with (Col. 140, lines 7-10, Underwood); 

storing said new parameter value in association with said associable second 
primary identifier (Col. 140, lines 37 - 43, Underwood); 
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determining current associated parameter values and corresponding 
parameterized rules for each of said secondary identifiers (Col. 139, lines 57 - 58, 
Underwood); 

making a combination said current associated parameter values and said 
corresponding parameterized rules for directing said network data processing module 
(Col. 140, lines 37 - 41 , ... the information found therein is used to authenticate and 
bind to a member Underwood); and 

communicating said combination to a network data processing module so as to 
direct said network data processing module (Col. 1 1 and 140, lines 21 - 31 and 48 - 52; 
respectively, Underwood). 
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Response to Arguments 

1 . Applicant argues that the prior art fails to disclose; "sets of at least one . . . rule in 
a parameterizable form". 

. Examiner respectfully disagrees. The applied prior art does disclose the limitation 
of: sets of at least one primary rule, called "primary metarules", in a parameterizable 
form and in corresponding relationship to primary identifiers and (Col. 116, lines 47 - 
50; ... stored parameters ... validates the user's entry by checking for existence on the 
"State Tax Table", Underwood). Additionally, Underwood discloses details regarding the 
rules (Fig. 20A, item 2002, Col. 61, lines 46 - 53, attribute rules, Underwood). 

2. Applicant argues that the prior art fails to disclose; "the selection" of "primary 
identifiers". 

Examiner respectfully disagrees/The claim language does not recite the specific 
wording "selection of primary identifiers". The applied prior art does disclose the claimed 
limitation of: select at least one of the primary identifiers in the first table (Col. 139 and 
140, lines 47 - 54 and 7-10, ... retrieve a user's information from the Membership 
Directory. . . ; respectively, Underwood). 

3. Applicant argues that the prior art fails to disclose; "associate said auxiliary data 
therewith so as to define said dedicated processes". 
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Examiner respectfully disagrees. The applied prior art does disclose: associate 
said auxiliary data therewith so as to define said dedicated processes (Col. 139 and 
140, lines 47 - 54 and 7 - 10, " ... binding to the current user's information in the 
Membership Directory and "... maps Membership groups to proxy Windows NT 
groups accounts to determine a member's security permissions respectively, 
Underwood). 
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Conclusion 

1 . The prior art made of record and not relied upon is considered pertinent to 

V) 

applicant's disclosure. 

2. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .1 36(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 
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Prior Art Made Of Record 

1 . Underwood (US Parent No. 6,704,873 B1 , filed July 30, 1999) discloses a secure 
gateway interconnection in an e-commerce based environment. 

2. Underwood (US Patent No. 6,718,535 B1 ) discloses a system, method and 
article of manufacture for an activity framework design in an e-commerce based 
environment. 

3. Liu et al. (US Patent No. 6,839,680 B1 ) discloses an Internet Profiling. 
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Points Of Contact 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Giovanna Colan whose telephone number is (571) 272- 
2752. The examiner can normally be reached on 8:30 am - 5:00 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, John Breene can be reached on (571) 272-4107. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Giovanna Colan 
Examiner 
Art Unit 2162 
December 22, 2006 




